From ce399480a464f9ea330337ccc4434690bd0d7467 Mon Sep 17 00:00:00 2001 From: Arne Teuke Date: Sun, 9 Jul 2017 16:08:26 +0100 Subject: [PATCH 1/7] updated README --- README.md | 12 +- manifests/sites/vhost.pp | 156 +++++++++++++++++++++++++ templates/vhost/CentOS/6/vhost.erb | 22 ++++ templates/vhost/CentOS/6/vhost_ssl.erb | 49 ++++++++ 4 files changed, 238 insertions(+), 1 deletion(-) create mode 100644 manifests/sites/vhost.pp create mode 100644 templates/vhost/CentOS/6/vhost.erb create mode 100644 templates/vhost/CentOS/6/vhost_ssl.erb diff --git a/README.md b/README.md index 51a49d9..ec20628 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ ### Synopsis `Apache httpd` is a very powerful and widely used web server. -`cd_apache` automates the installation and configuration of httpd. This module is a base module providing the httpd service itself, meaning that it is designed to be used by other role- or profile modules, adding more detailed configurations specific to the particular use case, i.e. full content servers, front-end for application servers, proxies etc. +`cd_apache` automates the installation and configuration of httpd. This module is a base module simply providing the httpd service itself to be used by other role- or profile modules, adding more detailed configurations specific to the particular use case. ### WARNING `**__!!! Attention: Never use this puppet module on systems which have been previously configured manually. It is impossible to predict how and what would have been configured, hence previuos configurations outside the scope of this module may be overwritten! Automated configurations require a test environment to verify that the module suits the purpose intended by the user, as well as tune the parameters, before deploying into live production!!! __**` @@ -44,6 +44,16 @@ Configuration Maintenance * manage the service +#### vHosts +As stated in the ynopsis, this module was written particularly for usage as base module. `Apache httpd` has a great number of usae cases where it actually is not used directly as full blown webser, but instead as 'sub-service'. Examples here would be + +* frontend proxy for other applications to avoid having to put the port number into the URL +* applications like phpMyAdmin, phpPgAdmin +* WordPress +* Nagios etc. + +With those use cases, you would provide the vHosts at the Puppet module for the application, not the base module. Also, if you plan to use this module to run a plain fully fledged web server, you would use a role- or profile class/module on top of `cd_apache` to set up your vHost exactly as needed. Examples for regular basic vHost configuration files are included in the examples directory. The exact layout for your particular vhost configuration files depend a lot on your application and organization requirements, and cannot be predicted from outside per se. + ### Repo Structure Repostructure as been moved to REPOSTRUCTURE.md diff --git a/manifests/sites/vhost.pp b/manifests/sites/vhost.pp new file mode 100644 index 0000000..724448e --- /dev/null +++ b/manifests/sites/vhost.pp @@ -0,0 +1,156 @@ +## cd_apache::sites::vhost +# Module name: cd_apache +# Author: Arne Teuke (arne_teuke@confdroid.com) +# License: +# This file is part of cd_apache. +# +# cd_apache is used for providing automatic configuration of +# Apache Websites. +# Copyright (C) 2014 confdroid (copyright@confdroid.com) +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . +# @summary Define to allow setting up individual multiple virtual hosts. +# @param [boolean] ae_use_https Whether or not to use https. It is highly +# recommended to **__always__** use https. Using certbot/letsencypt as +# automated CA certification option, it does create additional costs but +# increases traffic security of your website for your users. +# @param [boolean] ae_http_https_fw Whether or not to forward http traffic to +# https. Recommended. Only active if `ae_use_https` is set to `true`. +# @param [string] ae_vhost_port Specify the port number for the vhost +# @param [string] ae_ssl_vhost_port Specify the ssl port number for the vhost. +# @param [string] ae_server_admin email address, where problems with the server +# should be e-mailed to. This address appears on some server-generated pages, +# such as error documents. e.g. admin@your-domain.com +# @param [string] ae_server_name What domain name should the vhost listen to, +# i.e. example.com. do not use `www.` in here as that is automatically added +# through the template, and the server_name itself is added through aliases. +# @param [string] ae_vhost_root_path The root path where your vhost will live. +# i.e. /var/www/html. This is used to build a string for the full doc path +# together with `ae_server_name` i.e. /var/www/html/example.com +# @param [string] ae_allow_from Specify a network address here if trying to +# strict access to the website to a particular network range. Otherwise leave +# `all` to allow unrestricted access. +# @param [boolean] ae_use_access_log Whether or not to keep an access log for +# your website. Note that in certain contries it is illegal nowadays to keep +# the access log for prolonged time or to keep it at all. +# @param [string] ae_dir_index Specify the directory index, i.e. `index.html` +# or `index.php` etc. +# @param [string] ae_vhost_loglevel Specify the LogLevel. +# @param [string] ae_ssl_protocol Specify the supported ssl protocols, i.e. +# `all TLSv1 -SSLv2 -SSLv3` (i.e. do not support any SSL version as they all +# are compromised, use TLS only). +# @param [string] ae_ssl_cipher_suite Specify teh cipher suite you want to +# support. +############################################################################## +define cd_apache::sites::vhost ( + +$ae_use_https = true, +$ae_http_https_fw = true, +$ae_vhost_port = '80', +$ae_ssl_vhost_port = '443', +$ae_server_admin = 'root@localhost', +$ae_server_name = undef, +$ae_vhost_root_path = '/var/www/html/', +$ae_allow_from = 'all', +$ae_use_access_log = false, +$ae_dir_index = 'index.html', +$ae_vhost_loglevel = 'warn', +$ae_ssl_protocol = 'all TLSv1 -SSLv2 -SSLv3', +$ae_ssl_cipher_suite = 'EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4', +$ae_tls_cert_path = '/etc/pki/tls/certs', +$ae_tls_key_path = '/etc/pki/tls/private', +$ae_ssl_vhost_cert = "${::domain}.crt", +$ae_ssl_vhost_key = "${::domain}.key", +$ae_ssl_vhost_chain = "${::domain}.ca-cert", +$ae_use_certbot = true, + +) { + +$ae_manage_cfg = $::cd_apache::params::ae_manage_cfg +$ae_conf_d_dir = $::cd_apache::params::ae_conf_d_dir +$ae_service = $::cd_apache::params::ae_service +$ae_doc_root = "${ae_vhost_root_path}/${ae_server_name}" +$ae_vhost_erb = $::cd_apache::params::ae_vhost_erb +$ae_vhost_ssl_erb = $::cd_apache::params::ae_vhost_ssl_erb + + + # allow creating vhosts but only if we are managing the server configuration + if $ae_manage_cfg == true { + if $ae_use_https != true { + + file { "${name}.conf": + ensure => file, + path => "${ae_conf_d_dir}/${name}.conf", + owner => 'root', + group => 'foot', + mode => '0644', + selrange => s0, + selrole => object_r, + seltype => httpd_config_t, + seluser => system_u, + content => template($ae_vhost_erb), + notify => Service[$ae_service], + } + } + + if $ae_use_https == true { + if $ae_http_https_fw == true { + + file { "${name}.conf": + ensure => file, + path => "${ae_conf_d_dir}/${name}.conf", + owner => 'root', + group => 'foot', + mode => '0644', + selrange => s0, + selrole => object_r, + seltype => httpd_config_t, + seluser => system_u, + content => template($ae_vhost_erb), + notify => Service[$ae_service], + } + + file { "${name}_ssl.conf": + ensure => file, + path => "${ae_conf_d_dir}/${name}_ssl.conf", + owner => 'root', + group => 'foot', + mode => '0644', + selrange => s0, + selrole => object_r, + seltype => httpd_config_t, + seluser => system_u, + content => template($ae_vhost_ssl_erb), + notify => Service[$ae_service], + } + } + + if $ae_http_https_fw != true { + + file { "${name}_ssl.conf": + ensure => file, + path => "${ae_conf_d_dir}/${name}_ssl.conf", + owner => 'root', + group => 'foot', + mode => '0644', + selrange => s0, + selrole => object_r, + seltype => httpd_config_t, + seluser => system_u, + content => template($ae_vhost_ssl_erb), + notify => Service[$ae_service], + } + } + } + } +} diff --git a/templates/vhost/CentOS/6/vhost.erb b/templates/vhost/CentOS/6/vhost.erb new file mode 100644 index 0000000..da0aa5a --- /dev/null +++ b/templates/vhost/CentOS/6/vhost.erb @@ -0,0 +1,22 @@ + > + ServerAdmin <%= @ae_server_admin%> + ServerName www.<%= @ae_server_name %> + ServerAlias <%= @ae_server_name %> + DocumentRoot <%= @ae_doc_root %> + + <% if @ae_use_https == true and @ae_http_https_fw == true -%> + Redirect permanent / https://<%= @ae_server_name %>/ + <% else -%> + DirectoryIndex <%= @ae_dir_index %> + + AllowOverride none + Order Allow,Deny + Allow from <%= @ae_allow_from %> + + <% end %> + ErrorLog /var/log/httpd/<%= @ae_server_name%>_error_log + <% if @ae_use_access_log == true %> + CustomLog /var/log/httpd/<%= @ae_server_name%>_access_log common + <% end %> + LogLevel <%= @ae_vhost_loglevel %> + diff --git a/templates/vhost/CentOS/6/vhost_ssl.erb b/templates/vhost/CentOS/6/vhost_ssl.erb new file mode 100644 index 0000000..05689bb --- /dev/null +++ b/templates/vhost/CentOS/6/vhost_ssl.erb @@ -0,0 +1,49 @@ + > + ServerAdmin <%= @ae_server_admin %> + DocumentRoot <%= @ae_doc_root %> + ServerName www.<%= @ae_server_name %> + ServerAlias <%= @ae_server_name %> + DirectoryIndex <%= @ae_dir_index %> + ErrorLog /var/log/httpd/<%= @ae_server_name %>_ssl_error_log + TransferLog /var/log/httpd/<%= @ae_server_name%>_ssl_transfer_log + <% if @ae_use_access_log == true -%> + CustomLog /var/log/httpd/<%= @ae_server_name%>_ssl_access_log common + <% end -%> + LogLevel <%= @ae_vhost_loglevel %> + SSLEngine on + SSLProtocol <%= @ae_ssl_protocols%> + SSLCipherSuite "<%= @ae_ssl_ciphersuite%>" + +<% if @ae_use_certbot == true -%> + SSLCertificateFile /etc/letsencrypt/live/<%= @ae_server_name %>/cert.pem + SSLCertificateKeyFile /etc/letsencrypt/live/<%= @ae_server_name %>/privkey.pem + SSLCertificateChainFile /etc/letsencrypt/live/<%= @ae_server_name %>/fullchain.pem +<% else -%> + SSLCertificateFile <%= @ae_tls_cert_path %>/<%= @ae_ssl_vhost_cert %> + SSLCertificateKeyFile <%= @ae_tls_key_path %>/<%= @ae_ssl_vhost_key %> + SSLCertificateChainFile <%= @ae_tls_cert_path %>/<%= @ae_ssl_vhost_chain %> +<% end -%> + + + SSLOptions +StdEnvVars + + + SSLOptions +StdEnvVars + + + + AllowOverride none + Order Allow,Deny + Allow from <%= @ae_allow_from %> + + + <% end %> + + SetEnvIf User-Agent ".*MSIE.*" \ + nokeepalive ssl-unclean-shutdown \ + downgrade-1.0 force-response-1.0 + + CustomLog logs/ssl_request_log \ + "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" + + From ef4e41395b0e8af083815ebafdb903867059ab89 Mon Sep 17 00:00:00 2001 From: Arne Teuke Date: Sun, 9 Jul 2017 16:15:32 +0100 Subject: [PATCH 2/7] updated README with vhost details and updated version --- README.md | 4 ++-- {templates/vhost/CentOS/6 => examples}/vhost.erb | 0 {templates/vhost/CentOS/6 => examples}/vhost_ssl.erb | 0 3 files changed, 2 insertions(+), 2 deletions(-) rename {templates/vhost/CentOS/6 => examples}/vhost.erb (100%) rename {templates/vhost/CentOS/6 => examples}/vhost_ssl.erb (100%) diff --git a/README.md b/README.md index ec20628..4198f57 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ |Repo Name| version | Build Status| |---|---|---|---| -|`cd_apache`| 0.0.1.0 | [![Build Status](https://jenkins.confdroid.com/buildStatus/icon?job=cd_apache)](https://jenkins.confdroid.com/job/cd_apache/)| +|`cd_apache`| 0.0.1.1 | [![Build Status](https://jenkins.confdroid.com/buildStatus/icon?job=cd_apache)](https://jenkins.confdroid.com/job/cd_apache/)| ### Synopsis `Apache httpd` is a very powerful and widely used web server. @@ -52,7 +52,7 @@ As stated in the ynopsis, this module was written particularly for usage as base * WordPress * Nagios etc. -With those use cases, you would provide the vHosts at the Puppet module for the application, not the base module. Also, if you plan to use this module to run a plain fully fledged web server, you would use a role- or profile class/module on top of `cd_apache` to set up your vHost exactly as needed. Examples for regular basic vHost configuration files are included in the examples directory. The exact layout for your particular vhost configuration files depend a lot on your application and organization requirements, and cannot be predicted from outside per se. +With those use cases, you would provide the vHosts at the Puppet module for the application, not the base module. Also, if you plan to use this module to run a plain fully fledged web server, you would use a role- or profile class/module on top of `cd_apache` to set up your vHost exactly as needed. Examples for regular basic vHost configuration files are included in the examples directory as parameterized .erb files. You would create a define for vhosts, i.e. using the example parameters, and simply add `cd_apache` as requirement (i.e. require cd_apache) so it gets installed automatically. ### Repo Structure Repostructure as been moved to REPOSTRUCTURE.md diff --git a/templates/vhost/CentOS/6/vhost.erb b/examples/vhost.erb similarity index 100% rename from templates/vhost/CentOS/6/vhost.erb rename to examples/vhost.erb diff --git a/templates/vhost/CentOS/6/vhost_ssl.erb b/examples/vhost_ssl.erb similarity index 100% rename from templates/vhost/CentOS/6/vhost_ssl.erb rename to examples/vhost_ssl.erb From 7ac9b407305f98f587a4fe559969ed116995b9dd Mon Sep 17 00:00:00 2001 From: Arne Teuke Date: Sun, 9 Jul 2017 16:18:26 +0100 Subject: [PATCH 3/7] added vhost examples --- examples/vhost_ssl.erb | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/examples/vhost_ssl.erb b/examples/vhost_ssl.erb index 05689bb..24fe9e6 100644 --- a/examples/vhost_ssl.erb +++ b/examples/vhost_ssl.erb @@ -6,23 +6,14 @@ DirectoryIndex <%= @ae_dir_index %> ErrorLog /var/log/httpd/<%= @ae_server_name %>_ssl_error_log TransferLog /var/log/httpd/<%= @ae_server_name%>_ssl_transfer_log - <% if @ae_use_access_log == true -%> CustomLog /var/log/httpd/<%= @ae_server_name%>_ssl_access_log common - <% end -%> LogLevel <%= @ae_vhost_loglevel %> SSLEngine on SSLProtocol <%= @ae_ssl_protocols%> SSLCipherSuite "<%= @ae_ssl_ciphersuite%>" - -<% if @ae_use_certbot == true -%> - SSLCertificateFile /etc/letsencrypt/live/<%= @ae_server_name %>/cert.pem - SSLCertificateKeyFile /etc/letsencrypt/live/<%= @ae_server_name %>/privkey.pem - SSLCertificateChainFile /etc/letsencrypt/live/<%= @ae_server_name %>/fullchain.pem -<% else -%> SSLCertificateFile <%= @ae_tls_cert_path %>/<%= @ae_ssl_vhost_cert %> SSLCertificateKeyFile <%= @ae_tls_key_path %>/<%= @ae_ssl_vhost_key %> SSLCertificateChainFile <%= @ae_tls_cert_path %>/<%= @ae_ssl_vhost_chain %> -<% end -%> SSLOptions +StdEnvVars @@ -45,5 +36,4 @@ CustomLog logs/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" - From 0768054b488d129555bed450dd8ad16db3f2a7c1 Mon Sep 17 00:00:00 2001 From: Arne Teuke Date: Sun, 9 Jul 2017 16:20:05 +0100 Subject: [PATCH 4/7] added vhost examples --- examples/vhost_ssl.erb | 2 -- 1 file changed, 2 deletions(-) diff --git a/examples/vhost_ssl.erb b/examples/vhost_ssl.erb index 24fe9e6..eedbfaa 100644 --- a/examples/vhost_ssl.erb +++ b/examples/vhost_ssl.erb @@ -28,8 +28,6 @@ Allow from <%= @ae_allow_from %> - <% end %> - SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 From fefd3a57ab1309e7b28ee1c78c5a9469ae4e48f5 Mon Sep 17 00:00:00 2001 From: Arne Teuke Date: Sun, 9 Jul 2017 16:22:04 +0100 Subject: [PATCH 5/7] removed sites and simply added the examples --- manifests/sites/vhost.pp | 156 --------------------------------------- 1 file changed, 156 deletions(-) delete mode 100644 manifests/sites/vhost.pp diff --git a/manifests/sites/vhost.pp b/manifests/sites/vhost.pp deleted file mode 100644 index 724448e..0000000 --- a/manifests/sites/vhost.pp +++ /dev/null @@ -1,156 +0,0 @@ -## cd_apache::sites::vhost -# Module name: cd_apache -# Author: Arne Teuke (arne_teuke@confdroid.com) -# License: -# This file is part of cd_apache. -# -# cd_apache is used for providing automatic configuration of -# Apache Websites. -# Copyright (C) 2014 confdroid (copyright@confdroid.com) -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see . -# @summary Define to allow setting up individual multiple virtual hosts. -# @param [boolean] ae_use_https Whether or not to use https. It is highly -# recommended to **__always__** use https. Using certbot/letsencypt as -# automated CA certification option, it does create additional costs but -# increases traffic security of your website for your users. -# @param [boolean] ae_http_https_fw Whether or not to forward http traffic to -# https. Recommended. Only active if `ae_use_https` is set to `true`. -# @param [string] ae_vhost_port Specify the port number for the vhost -# @param [string] ae_ssl_vhost_port Specify the ssl port number for the vhost. -# @param [string] ae_server_admin email address, where problems with the server -# should be e-mailed to. This address appears on some server-generated pages, -# such as error documents. e.g. admin@your-domain.com -# @param [string] ae_server_name What domain name should the vhost listen to, -# i.e. example.com. do not use `www.` in here as that is automatically added -# through the template, and the server_name itself is added through aliases. -# @param [string] ae_vhost_root_path The root path where your vhost will live. -# i.e. /var/www/html. This is used to build a string for the full doc path -# together with `ae_server_name` i.e. /var/www/html/example.com -# @param [string] ae_allow_from Specify a network address here if trying to -# strict access to the website to a particular network range. Otherwise leave -# `all` to allow unrestricted access. -# @param [boolean] ae_use_access_log Whether or not to keep an access log for -# your website. Note that in certain contries it is illegal nowadays to keep -# the access log for prolonged time or to keep it at all. -# @param [string] ae_dir_index Specify the directory index, i.e. `index.html` -# or `index.php` etc. -# @param [string] ae_vhost_loglevel Specify the LogLevel. -# @param [string] ae_ssl_protocol Specify the supported ssl protocols, i.e. -# `all TLSv1 -SSLv2 -SSLv3` (i.e. do not support any SSL version as they all -# are compromised, use TLS only). -# @param [string] ae_ssl_cipher_suite Specify teh cipher suite you want to -# support. -############################################################################## -define cd_apache::sites::vhost ( - -$ae_use_https = true, -$ae_http_https_fw = true, -$ae_vhost_port = '80', -$ae_ssl_vhost_port = '443', -$ae_server_admin = 'root@localhost', -$ae_server_name = undef, -$ae_vhost_root_path = '/var/www/html/', -$ae_allow_from = 'all', -$ae_use_access_log = false, -$ae_dir_index = 'index.html', -$ae_vhost_loglevel = 'warn', -$ae_ssl_protocol = 'all TLSv1 -SSLv2 -SSLv3', -$ae_ssl_cipher_suite = 'EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4', -$ae_tls_cert_path = '/etc/pki/tls/certs', -$ae_tls_key_path = '/etc/pki/tls/private', -$ae_ssl_vhost_cert = "${::domain}.crt", -$ae_ssl_vhost_key = "${::domain}.key", -$ae_ssl_vhost_chain = "${::domain}.ca-cert", -$ae_use_certbot = true, - -) { - -$ae_manage_cfg = $::cd_apache::params::ae_manage_cfg -$ae_conf_d_dir = $::cd_apache::params::ae_conf_d_dir -$ae_service = $::cd_apache::params::ae_service -$ae_doc_root = "${ae_vhost_root_path}/${ae_server_name}" -$ae_vhost_erb = $::cd_apache::params::ae_vhost_erb -$ae_vhost_ssl_erb = $::cd_apache::params::ae_vhost_ssl_erb - - - # allow creating vhosts but only if we are managing the server configuration - if $ae_manage_cfg == true { - if $ae_use_https != true { - - file { "${name}.conf": - ensure => file, - path => "${ae_conf_d_dir}/${name}.conf", - owner => 'root', - group => 'foot', - mode => '0644', - selrange => s0, - selrole => object_r, - seltype => httpd_config_t, - seluser => system_u, - content => template($ae_vhost_erb), - notify => Service[$ae_service], - } - } - - if $ae_use_https == true { - if $ae_http_https_fw == true { - - file { "${name}.conf": - ensure => file, - path => "${ae_conf_d_dir}/${name}.conf", - owner => 'root', - group => 'foot', - mode => '0644', - selrange => s0, - selrole => object_r, - seltype => httpd_config_t, - seluser => system_u, - content => template($ae_vhost_erb), - notify => Service[$ae_service], - } - - file { "${name}_ssl.conf": - ensure => file, - path => "${ae_conf_d_dir}/${name}_ssl.conf", - owner => 'root', - group => 'foot', - mode => '0644', - selrange => s0, - selrole => object_r, - seltype => httpd_config_t, - seluser => system_u, - content => template($ae_vhost_ssl_erb), - notify => Service[$ae_service], - } - } - - if $ae_http_https_fw != true { - - file { "${name}_ssl.conf": - ensure => file, - path => "${ae_conf_d_dir}/${name}_ssl.conf", - owner => 'root', - group => 'foot', - mode => '0644', - selrange => s0, - selrole => object_r, - seltype => httpd_config_t, - seluser => system_u, - content => template($ae_vhost_ssl_erb), - notify => Service[$ae_service], - } - } - } - } -} From ed7589fbfab9f488c2cef8410b3b1a33b09f4135 Mon Sep 17 00:00:00 2001 From: Arne Teuke Date: Sun, 9 Jul 2017 16:23:38 +0100 Subject: [PATCH 6/7] removed sites and simply added the examples --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 4198f57..4a73c17 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ |Repo Name| version | Build Status| |---|---|---|---| -|`cd_apache`| 0.0.1.1 | [![Build Status](https://jenkins.confdroid.com/buildStatus/icon?job=cd_apache)](https://jenkins.confdroid.com/job/cd_apache/)| +|`cd_apache`| 0.0.1.2 | [![Build Status](https://jenkins.confdroid.com/buildStatus/icon?job=cd_apache)](https://jenkins.confdroid.com/job/cd_apache/)| ### Synopsis `Apache httpd` is a very powerful and widely used web server. From ed5ca1113ea3170d3c16bfcfe5ffc5945148f3af Mon Sep 17 00:00:00 2001 From: Jenkins Server Date: Sun, 9 Jul 2017 17:24:08 +0200 Subject: [PATCH 7/7] recommit for updates in build 9 --- CHANGELOG.md | 10 +++++ REPOSTRUCTURE.md | 5 ++- doc/_index.html | 2 +- doc/file.README.html | 38 ++++++++++++++++--- doc/index.html | 38 ++++++++++++++++--- doc/puppet_classes/cd_apache.html | 2 +- .../cd_apache_3A_3Amain_3A_3Aconfig.html | 2 +- doc/puppet_classes/cd_apache_3A_3Aparams.html | 2 +- .../cd_apache_3A_3Aserver_3A_3Adirs.html | 2 +- .../cd_apache_3A_3Aserver_3A_3Afiles.html | 2 +- .../cd_apache_3A_3Aserver_3A_3Ainstall.html | 2 +- .../cd_apache_3A_3Aserver_3A_3Aservice.html | 2 +- .../cd_apache_3A_3Aserver_3A_3Auser.html | 2 +- doc/top-level-namespace.html | 2 +- 14 files changed, 88 insertions(+), 23 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4d3a90c..ece9a1b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,16 @@ Changelog of Git Changelog.

No issue

+36dc5918e52df38 Jenkins Server 2017-07-07 16:41:30 +

+

recommit for updates in build 4

+ +

+3715b3a582a1a5a Arne Teuke 2017-07-07 16:40:31 +

+

updated README

+ +

871d6e65baf4ec4 Jenkins Server 2017-07-07 16:38:35

recommit for updates in build 3

diff --git a/REPOSTRUCTURE.md b/REPOSTRUCTURE.md index 995c7da..dfe3469 100644 --- a/REPOSTRUCTURE.md +++ b/REPOSTRUCTURE.md @@ -23,6 +23,9 @@ | |-- index.html | |-- puppet_class_list.html | `-- top-level-namespace.html +|-- examples +| |-- vhost.erb +| `-- vhost_ssl.erb |-- manifests | |-- main | | `-- config.pp @@ -47,4 +50,4 @@ |-- Jenkinsfile `-- README.md -8 directories, 39 files +9 directories, 41 files diff --git a/doc/_index.html b/doc/_index.html index 2ac1c0e..e203efc 100644 --- a/doc/_index.html +++ b/doc/_index.html @@ -137,7 +137,7 @@ diff --git a/doc/file.README.html b/doc/file.README.html index 9ab0288..2cab477 100644 --- a/doc/file.README.html +++ b/doc/file.README.html @@ -61,7 +61,7 @@

|Repo Name| version | Build Status| |---|---|---|---| -|cd_apache| 0.0.1.0 | cd_apache| 0.0.1.2 | {Build Status/]|

@@ -70,10 +70,9 @@ Status/]|

Apache httpd is a very powerful and widely used web server.

cd_apache automates the installation and configuration of -httpd. This module is a base module providing the httpd service itself, -meaning that it is designed to be used by other role- or profile modules, -adding more detailed configurations specific to the particular use case, -i.e. full content servers, front-end for application servers, proxies etc.

+httpd. This module is a base module simply providing the httpd service +itself to be used by other role- or profile modules, adding more detailed +configurations specific to the particular use case.

WARNING

@@ -139,6 +138,33 @@ system permissions

Maintenance * manage the service

+

vHosts

+ +

As stated in the ynopsis, this module was written particularly for usage as +base module. Apache httpd has a great number of usae cases +where it actually is not used directly as full blown webser, but instead as +'sub-service'. Examples here would be

+
  • +

    frontend proxy for other applications to avoid having to put the port +number into the URL

    +
  • +

    applications like phpMyAdmin, phpPgAdmin

    +
  • +

    WordPress

    +
  • +

    Nagios etc.

    +
+ +

With those use cases, you would provide the vHosts at the Puppet module for +the application, not the base module. Also, if you plan to use this module +to run a plain fully fledged web server, you would use a role- or profile +class/module on top of cd_apache to set up your vHost exactly +as needed. Examples for regular basic vHost configuration files are +included in the examples directory as parameterized .erb files. You would +create a define for vhosts, i.e. using the example parameters, and simply +add cd_apache as requirement (i.e. require cd_apache) so it +gets installed automatically.

+

Repo Structure

Repostructure as been moved to REPOSTRUCTURE.md

@@ -251,7 +277,7 @@ environments.

diff --git a/doc/index.html b/doc/index.html index 850257d..a1878d0 100644 --- a/doc/index.html +++ b/doc/index.html @@ -61,7 +61,7 @@

|Repo Name| version | Build Status| |---|---|---|---| -|cd_apache| 0.0.1.0 | cd_apache| 0.0.1.2 | {Build Status/]|

@@ -70,10 +70,9 @@ Status/]|

Apache httpd is a very powerful and widely used web server.

cd_apache automates the installation and configuration of -httpd. This module is a base module providing the httpd service itself, -meaning that it is designed to be used by other role- or profile modules, -adding more detailed configurations specific to the particular use case, -i.e. full content servers, front-end for application servers, proxies etc.

+httpd. This module is a base module simply providing the httpd service +itself to be used by other role- or profile modules, adding more detailed +configurations specific to the particular use case.

WARNING

@@ -139,6 +138,33 @@ system permissions

Maintenance * manage the service

+

vHosts

+ +

As stated in the ynopsis, this module was written particularly for usage as +base module. Apache httpd has a great number of usae cases +where it actually is not used directly as full blown webser, but instead as +'sub-service'. Examples here would be

+
  • +

    frontend proxy for other applications to avoid having to put the port +number into the URL

    +
  • +

    applications like phpMyAdmin, phpPgAdmin

    +
  • +

    WordPress

    +
  • +

    Nagios etc.

    +
+ +

With those use cases, you would provide the vHosts at the Puppet module for +the application, not the base module. Also, if you plan to use this module +to run a plain fully fledged web server, you would use a role- or profile +class/module on top of cd_apache to set up your vHost exactly +as needed. Examples for regular basic vHost configuration files are +included in the examples directory as parameterized .erb files. You would +create a define for vhosts, i.e. using the example parameters, and simply +add cd_apache as requirement (i.e. require cd_apache) so it +gets installed automatically.

+

Repo Structure

Repostructure as been moved to REPOSTRUCTURE.md

@@ -251,7 +277,7 @@ environments.

diff --git a/doc/puppet_classes/cd_apache.html b/doc/puppet_classes/cd_apache.html index 3dda502..d2c1329 100644 --- a/doc/puppet_classes/cd_apache.html +++ b/doc/puppet_classes/cd_apache.html @@ -140,7 +140,7 @@ class cd_apache { diff --git a/doc/puppet_classes/cd_apache_3A_3Amain_3A_3Aconfig.html b/doc/puppet_classes/cd_apache_3A_3Amain_3A_3Aconfig.html index b4077c0..bbef899 100644 --- a/doc/puppet_classes/cd_apache_3A_3Amain_3A_3Aconfig.html +++ b/doc/puppet_classes/cd_apache_3A_3Amain_3A_3Aconfig.html @@ -153,7 +153,7 @@ class cd_apache::main::config ( diff --git a/doc/puppet_classes/cd_apache_3A_3Aparams.html b/doc/puppet_classes/cd_apache_3A_3Aparams.html index a089ffe..d540dbc 100644 --- a/doc/puppet_classes/cd_apache_3A_3Aparams.html +++ b/doc/puppet_classes/cd_apache_3A_3Aparams.html @@ -525,7 +525,7 @@ $ae_userdir_erb = 'cd_apache/userdir_conf.erb' diff --git a/doc/puppet_classes/cd_apache_3A_3Aserver_3A_3Adirs.html b/doc/puppet_classes/cd_apache_3A_3Aserver_3A_3Adirs.html index 9b662ff..4b47851 100644 --- a/doc/puppet_classes/cd_apache_3A_3Aserver_3A_3Adirs.html +++ b/doc/puppet_classes/cd_apache_3A_3Aserver_3A_3Adirs.html @@ -528,7 +528,7 @@ class cd_apache::server::dirs ( diff --git a/doc/puppet_classes/cd_apache_3A_3Aserver_3A_3Afiles.html b/doc/puppet_classes/cd_apache_3A_3Aserver_3A_3Afiles.html index ad06225..7cf46c4 100644 --- a/doc/puppet_classes/cd_apache_3A_3Aserver_3A_3Afiles.html +++ b/doc/puppet_classes/cd_apache_3A_3Aserver_3A_3Afiles.html @@ -323,7 +323,7 @@ class cd_apache::server::files ( diff --git a/doc/puppet_classes/cd_apache_3A_3Aserver_3A_3Ainstall.html b/doc/puppet_classes/cd_apache_3A_3Aserver_3A_3Ainstall.html index f50efe5..ffd057b 100644 --- a/doc/puppet_classes/cd_apache_3A_3Aserver_3A_3Ainstall.html +++ b/doc/puppet_classes/cd_apache_3A_3Aserver_3A_3Ainstall.html @@ -159,7 +159,7 @@ class cd_apache::server::install ( diff --git a/doc/puppet_classes/cd_apache_3A_3Aserver_3A_3Aservice.html b/doc/puppet_classes/cd_apache_3A_3Aserver_3A_3Aservice.html index bea0fed..147de5e 100644 --- a/doc/puppet_classes/cd_apache_3A_3Aserver_3A_3Aservice.html +++ b/doc/puppet_classes/cd_apache_3A_3Aserver_3A_3Aservice.html @@ -165,7 +165,7 @@ class cd_apache::server::service ( diff --git a/doc/puppet_classes/cd_apache_3A_3Aserver_3A_3Auser.html b/doc/puppet_classes/cd_apache_3A_3Aserver_3A_3Auser.html index 50acad4..e3263a1 100644 --- a/doc/puppet_classes/cd_apache_3A_3Aserver_3A_3Auser.html +++ b/doc/puppet_classes/cd_apache_3A_3Aserver_3A_3Auser.html @@ -209,7 +209,7 @@ class cd_apache::server::user ( diff --git a/doc/top-level-namespace.html b/doc/top-level-namespace.html index 1cc195c..8cdbdd0 100644 --- a/doc/top-level-namespace.html +++ b/doc/top-level-namespace.html @@ -90,7 +90,7 @@